Chilkat XML - ActiveX Arbitrary File Creation/Execution

----------------------------------------------------------------------------- Chilkat XML ActiveX Remote Arbitrary File Creation/Execution url: www.chilkatsoft.com File: ChilkatUtil.dll = 3.0.3.0 CLSID: 5022FAE8-B780-4B78-B8DC-1AF1145A4F42 ProgID: ChilkatUtil.CkData.1 Descr.: Chilkat CkData Marke...

Microsoft Executable Being Served

Binary data 4670.prm...

CVE-2008-3904

src/main-win.c in GPicView 0.1.9 in Lightweight X11 Desktop Environment LXDE allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename...

Google Chrome Automatic File Download

Google's Chrome BETA allows files e.g. executable files to be automatically downloaded to the user's computer without any user prompt. To check the flaw, open a URL that points to an executable file. nerex...

FreeBSD Ports: clamav

The remote host is missing an update to the system as announced in the referenced advisory. VID 271498a9-2cd4-11da-a263-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

CVE-2008-3742

Unrestricted file upload vulnerability in the BlogAPI module in Drupal 5.x before 5.10 and 6.x before 6.4 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, which is not validated...

Unrestricted file upload

Unrestricted file upload vulnerability in the BlogAPI module in Drupal 5.x before 5.10 and 6.x before 6.4 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, which is not validated...

CVE-2008-3742

Unrestricted file upload vulnerability in the BlogAPI module in Drupal 5.x before 5.10 and 6.x before 6.4 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, which is not validated...

Reflective DLL Injection, Reverse TCP Stager (No NX or Win7)

Inject a DLL via a reflective loader. Connect back to the attacker No NX This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 177 include Msf::Payload::Stager include...

CVE-2008-3592

Unrestricted file upload vulnerability in the File Manager in the admin panel in Twentyone Degrees Symphony 1.7.01 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension to a directory specified in the destination parameter, then accessing t...

CVE-2008-3592

Unrestricted file upload vulnerability in the File Manager in the admin panel in Twentyone Degrees Symphony 1.7.01 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension to a directory specified in the destination parameter, then accessing t...

Unrestricted file upload

Unrestricted file upload vulnerability in upload.php in the Giulio Ganci Wp Downloads Manager module 0.2 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension via the upfile parameter, then accessing it via a direct request to the file in...

Linux Kernel (<= 2.4.27 , 2.6.8) binfmt_elf Executable File Read Exploit

No description provided by source. / binfmtelf executable file read vulnerability gcc -O3 -fomit-frame-pointer elfdump.c -o elfdump Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED "AS IS" AND WITHOUT ANY WARRANTY. COPYING,...

MS Office Snapshot Viewer ActiveX Exploit (executable version)-vulnerability warning-the black bar safety net

By:lcx Executable version, please do not used for illegal purposes. script type="text/javascript" function killErrors return true; window. onerror = killErrors; var x; var obj; var mycars = new Array; mycars0 = "c:/Program Files/Outlook Express/wab.exe"; mycars1 = "d:/Program Files/Outlook...

TerminatorX <= 3.81 stack overflow local root exploit

No description provided by source. / TerminatorX V. = 3.81 local root exploit by Li0n7 Typical local stack-based overflow Bugs discovered by c0wboy from 0x333 Contact Li0n7 voila fr Usage: ./terminatorX-exp -r RET-b -s STARTINGRET -r RET: no bruteforcing, try to execute shellcode with RET as retu...

Dedecms V5可执行文件上传漏洞

这是一个比较有意思的东西，但是成功利用起来并不容易，呵呵。 首先看configrglobals.php文件，摘的一段代码如下。这里作者本意是为了帮我们注册变量的，但是他却疏忽了我们不但能注册变量，还能覆盖一些变量。configrglobalsmagic.php也有同样的问题 ………………………………………………………………………… ifisarray$GET foreach$GET AS $key = $value $$key = $value; //可以覆盖任意变量 ………… …………………………………………………………………………...

Solaris 2.5.1/2.6/7/8 rlogin /bin/login Buffer Overflow Exploit (SPARC)

No description provided by source. / $Id: raptorrlogin.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ raptorrlogin.c - rlogin, Solaris/SPARC 2.5.1/2.6/7/8 Copyright c 2004 Marco Ivaldi [email protected] Buffer overflow in login in various System V based operating systems ...

HP Instant Support 1.0.22 - HPISDataManager.dll StartApp ActiveX Control Insecure Method

HP Instant Support 1.0.22 - HPISDataManager.dll StartApp ActiveX Control Insecure Method source: https://www.securityfocus.com/bid/29533/info HP Instant Support 'HPISDataManager.dll' ActiveX control is prone to an insecure-method vulnerability. Successfully exploiting this issue allows remote...

Through the NOD of memory why so trouble-vulnerability warning-the black bar safety net

You want to move the hard drive inside the aio to elsewhere, always to NOD32 kill, depressing the ball. Is there any method to go around? The method is, of course, the key to see you have no creativity, hehe. nod32 virus scanning before will first look at the file suffix is not an executable file...

Windows Executable (PE) Files (CVE-2008-1437; CVE-2010-0233)

The Microsoft Malware Protection Engine provides the scanning, detection and cleaning capabilities for the following antivirus and antispyware clients: Windows Live OneCare, Microsoft Forefront Security, Microsoft Antigen, and Windows Defender. A denial of service vulnerability has been reported ...